Trojan attached in fake emails regarding license key from Adobe


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the following subjects:

Download your adobe software
Download your license key
Thank you for your order
Your order is processed

This email is send from the spoofed address “Adobe Software <soft@adobes.com>”, “Adobe Software <support@adobes.com>”, “Adobe <software@adobes.com>”, “Adobe Software <your_order@adobes.com>” or similar and has the following body:

Hello.

Thank you for buying Director 11.5 software.
Your Adobe License key is in attached document below.

Adobe Systems Incorporated.

Hello.

Thank you for buying Creative Suite 6 Master Collection software.
Your Adobe License key is in attached document below.

Adobe Systems Incorporated.

Order Notification.

Thank you for buying Adobe Connect software.
Your Adobe License key is in attached document below.

Adobe Systems Incorporated.

The attached ZIP file has the name License_Key_OR8957.zip and contains the 209 kB large file License_Key_Document_Adobe_Systems_Incorporated.exe.

The trojan is known as Win32:Malware-gen, W32/Trojan.BDDH-7155, W32/Trojan3.GVP, Trojan-Downloader.Win32.Dofoil.rqh or Artemis!30AAE526F5C4.

At the time of writing, 11 of the 45 AV engines did detect the trojan at Virus Total.

Use the Virus Total permalink and Malwr permalink for more detailed information.
SHA256: a6cb6905775a7c4995222b3d91e7513a405d0cd183b7106dd713e720b2a4762a.

13 Responses to Trojan attached in fake emails regarding license key from Adobe

  1. Supremetwo says:

    SHA256: faf46a63a14d454933450827b57f356c25e127061c4eafcc93dfc320d6621c05

    New version not detected by 0/49

  2. Unicorn Film says:

    I just received the following message from Adobe :

    Hello.
    Thank you for buying Acrobat X Pro software.
    Your Adobe License key is in attached document below.
    Adobe Systems Incorporated.

    The zip-file attached was License_key_OR5450.z

  3. Pingback: Spam mail promising Adobe License key delivers Trojan | InsecureNet.info - The Insecure Web

  4. Pingback: Email scam with Adobe license key - Loss Prevention Leaders - Journal

  5. Pingback: ระวัง! อีเมล์โหลดฟรี Adobe มีไวรัส

  6. Pingback: Trojanac u emailovima koje navodno šalje Adobe | Cayber Crimos

  7. Pingback: Adobe Warns of Phishing Attacks Likely Stemming From Breach | Threatpost | The First Stop For Security News

  8. Pingback: Adobe Warns of New License Key Scam Phishing Campaign « Cyber Security Aid

  9. Pingback: Spam mail promising Adobe License key delivers Trojan | News

  10. Pingback: Adobe Warns of New License Key Scam Phishing Campaign

  11. The modern integration of software’s is useful to protect files. This is intense! Nice!

  12. Pingback: Adobe Warns of New License Key Scam Phishing Campaign - Vaxxe Interactive

Follow

Get every new post delivered to your Inbox.

Join 346 other followers

%d bloggers like this: